CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-21876

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix suspicious RCU usage Commit <d74169ceb0d2> ("iommu/vt-d: Allocate DMAR fault interrupts locally") moved the call to enable_drhd_fault_handling() to a code path that does not hold any lock while traversing the drhd list. Fix it by ensuring the dmar_global_lock lock is held when traversing the drhd list. Without this fix, the following warning is triggered: ============================= WARNING: suspicious RCU usage 6.14.0-rc3 #55 Not tainted ----------------------------- drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 1, debug_locks = 1 2 locks held by cpuhp/1/23: #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0 #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0 stack backtrace: CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55 Call Trace: <TASK> dump_stack_lvl+0xb7/0xd0 lockdep_rcu_suspicious+0x159/0x1f0 ? __pfx_enable_drhd_fault_handling+0x10/0x10 enable_drhd_fault_handling+0x151/0x180 cpuhp_invoke_callback+0x1df/0x990 cpuhp_thread_fun+0x1ea/0x2c0 smpboot_thread_fn+0x1f5/0x2e0 ? __pfx_smpboot_thread_fn+0x10/0x10 kthread+0x12a/0x2d0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x4a/0x60 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> Holding the lock in enable_drhd_fault_handling() triggers a lockdep splat about a possible deadlock between dmar_global_lock and cpu_hotplug_lock. This is avoided by not holding dmar_global_lock when calling iommu_device_register(), which initiates the device probe process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.9%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2025-21876

Linux » Linux Kernel » Version: 6.10

cpe:2.3:o:linux:linux_kernel:6.10
Linux » Linux Kernel » Version: 6.10.0

cpe:2.3:o:linux:linux_kernel:6.10.0
Linux » Linux Kernel » Version: 6.10.1

cpe:2.3:o:linux:linux_kernel:6.10.1
Linux » Linux Kernel » Version: 6.10.10

cpe:2.3:o:linux:linux_kernel:6.10.10
Linux » Linux Kernel » Version: 6.10.11

cpe:2.3:o:linux:linux_kernel:6.10.11
Linux » Linux Kernel » Version: 6.10.12

cpe:2.3:o:linux:linux_kernel:6.10.12
Linux » Linux Kernel » Version: 6.10.13

cpe:2.3:o:linux:linux_kernel:6.10.13
Linux » Linux Kernel » Version: 6.10.14

cpe:2.3:o:linux:linux_kernel:6.10.14
Linux » Linux Kernel » Version: 6.10.2

cpe:2.3:o:linux:linux_kernel:6.10.2
Linux » Linux Kernel » Version: 6.10.3

cpe:2.3:o:linux:linux_kernel:6.10.3
Linux » Linux Kernel » Version: 6.10.4

cpe:2.3:o:linux:linux_kernel:6.10.4
Linux » Linux Kernel » Version: 6.10.5

cpe:2.3:o:linux:linux_kernel:6.10.5
Linux » Linux Kernel » Version: 6.10.6

cpe:2.3:o:linux:linux_kernel:6.10.6
Linux » Linux Kernel » Version: 6.10.7

cpe:2.3:o:linux:linux_kernel:6.10.7
Linux » Linux Kernel » Version: 6.10.8

cpe:2.3:o:linux:linux_kernel:6.10.8
Linux » Linux Kernel » Version: 6.10.9

cpe:2.3:o:linux:linux_kernel:6.10.9
Linux » Linux Kernel » Version: 6.11

cpe:2.3:o:linux:linux_kernel:6.11
Linux » Linux Kernel » Version: 6.11.1

cpe:2.3:o:linux:linux_kernel:6.11.1
Linux » Linux Kernel » Version: 6.11.10

cpe:2.3:o:linux:linux_kernel:6.11.10
Linux » Linux Kernel » Version: 6.11.11

cpe:2.3:o:linux:linux_kernel:6.11.11
Linux » Linux Kernel » Version: 6.11.2

cpe:2.3:o:linux:linux_kernel:6.11.2
Linux » Linux Kernel » Version: 6.11.3

cpe:2.3:o:linux:linux_kernel:6.11.3
Linux » Linux Kernel » Version: 6.11.4

cpe:2.3:o:linux:linux_kernel:6.11.4
Linux » Linux Kernel » Version: 6.11.5

cpe:2.3:o:linux:linux_kernel:6.11.5
Linux » Linux Kernel » Version: 6.11.6

cpe:2.3:o:linux:linux_kernel:6.11.6
Linux » Linux Kernel » Version: 6.11.7

cpe:2.3:o:linux:linux_kernel:6.11.7
Linux » Linux Kernel » Version: 6.11.8

cpe:2.3:o:linux:linux_kernel:6.11.8
Linux » Linux Kernel » Version: 6.11.9

cpe:2.3:o:linux:linux_kernel:6.11.9
Linux » Linux Kernel » Version: 6.12

cpe:2.3:o:linux:linux_kernel:6.12
Linux » Linux Kernel » Version: 6.12.1

cpe:2.3:o:linux:linux_kernel:6.12.1
Linux » Linux Kernel » Version: 6.12.10

cpe:2.3:o:linux:linux_kernel:6.12.10
Linux » Linux Kernel » Version: 6.12.11

cpe:2.3:o:linux:linux_kernel:6.12.11
Linux » Linux Kernel » Version: 6.12.12

cpe:2.3:o:linux:linux_kernel:6.12.12
Linux » Linux Kernel » Version: 6.12.13

cpe:2.3:o:linux:linux_kernel:6.12.13
Linux » Linux Kernel » Version: 6.12.14

cpe:2.3:o:linux:linux_kernel:6.12.14
Linux » Linux Kernel » Version: 6.12.15

cpe:2.3:o:linux:linux_kernel:6.12.15
Linux » Linux Kernel » Version: 6.12.16

cpe:2.3:o:linux:linux_kernel:6.12.16
Linux » Linux Kernel » Version: 6.12.17

cpe:2.3:o:linux:linux_kernel:6.12.17
Linux » Linux Kernel » Version: 6.12.2

cpe:2.3:o:linux:linux_kernel:6.12.2
Linux » Linux Kernel » Version: 6.12.3

cpe:2.3:o:linux:linux_kernel:6.12.3
Linux » Linux Kernel » Version: 6.12.4

cpe:2.3:o:linux:linux_kernel:6.12.4
Linux » Linux Kernel » Version: 6.12.5

cpe:2.3:o:linux:linux_kernel:6.12.5
Linux » Linux Kernel » Version: 6.12.6

cpe:2.3:o:linux:linux_kernel:6.12.6
Linux » Linux Kernel » Version: 6.12.7

cpe:2.3:o:linux:linux_kernel:6.12.7
Linux » Linux Kernel » Version: 6.12.8

cpe:2.3:o:linux:linux_kernel:6.12.8
Linux » Linux Kernel » Version: 6.12.9

cpe:2.3:o:linux:linux_kernel:6.12.9
Linux » Linux Kernel » Version: 6.13

cpe:2.3:o:linux:linux_kernel:6.13
Linux » Linux Kernel » Version: 6.13.1

cpe:2.3:o:linux:linux_kernel:6.13.1
Linux » Linux Kernel » Version: 6.13.2

cpe:2.3:o:linux:linux_kernel:6.13.2
Linux » Linux Kernel » Version: 6.13.3

cpe:2.3:o:linux:linux_kernel:6.13.3
Linux » Linux Kernel » Version: 6.13.4

cpe:2.3:o:linux:linux_kernel:6.13.4
Linux » Linux Kernel » Version: 6.13.5

cpe:2.3:o:linux:linux_kernel:6.13.5
Linux » Linux Kernel » Version: 6.14

cpe:2.3:o:linux:linux_kernel:6.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-21876

Products

Pricing

Contact Us